package pers.lt.admin.controller;


import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.ModelAndView;
import pers.lt.admin.services.LoginServices;
import pers.lt.hibernatebeans.UserInfoEntity;
import pers.lt.tools.StringFacs;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.HashMap;
import java.util.Map;

/**
 * Created by liting on 2016/7/5.
 * 管理用户登录 或者 注册
 */
@Controller
@RequestMapping(value = "/mlogin")
public class LoginControllers {
    @Resource
    private LoginServices loginServices;
    //跳转到登录页面
    @RequestMapping(value = "/index.html")
    public ModelAndView login(HttpServletRequest request, HttpServletResponse response) {
        ModelAndView modelAndView = new ModelAndView("/admin/login");
        return modelAndView;
    }
    //无权限页面
    @RequestMapping(value = "/norights.html")
    public String norights(HttpServletRequest request, HttpServletResponse response){

        return "/admin/norights";
    }
    //登录校验
    @RequestMapping(value = "/loginCheck.html")
    public String loginCheck(UserInfoEntity userInfoEntity , HttpServletRequest request, Model model){
        Subject subject = SecurityUtils.getSubject();
        //取到登录成功跳转的页面
        String sUrl = request.getParameter("surl");
        //跳转成功默认页面为 /admin/main/index.html
        if(StringFacs.isEmpty(sUrl)) sUrl="/admin/index.html";
        /*System.out.println(userInfoEntity.getUsername());*/
        UsernamePasswordToken token = new UsernamePasswordToken(userInfoEntity.getUsername(),userInfoEntity.getPassword());
        //定义返回的地址变量rUrl,rscontent 失败跳转的页面通过request.getAttrabute("rscontent") 得到失败原因
        String rUrl = "redirect:"+sUrl;
        String rsContent = "登录失败";
        try {
            subject.login(token);
            Map map = new HashMap();
            subject.getSession().setAttribute("session_userinfo",loginServices.queryUserInfo(subject.getPrincipal().toString()));
        } catch (UnknownAccountException uae) {
            rUrl =  "/admin/login";
            rsContent = "账号错误";
        } catch (IncorrectCredentialsException ice) {
            rUrl = "/admin/login";
            rsContent = "密码错误";
        } /*catch (LockedAccountException lae) {
            rUrl =  "/admin/login";
            rsContent = "账号锁定";
        } catch (AuthenticationException ae){
            rUrl =  "/admin/login";
            rsContent = "验证错误";
        }*/
        request.setAttribute("rscontent",rsContent);
        return rUrl;
    }
    //注销
    @RequestMapping(value = "/loginout.html")
    public String loginOut(UserInfoEntity userInfoEntity , HttpServletRequest request, HttpServletResponse response) {
       // System.out.println("wefwefwef");
        Subject subject = SecurityUtils.getSubject();
        if (subject.isAuthenticated()) {
            subject.logout(); // session 会销毁，在SessionListener监听session销毁，清理权限缓
        }
        return "redirect:/mlogin/index.html";
    }
}
